Backendwise, it has to be local, we don't have any write permission to AD or LDAP.
If I do: wbinfo -n knixon, I get the ssid back. Taking it to the next level with: wbinfo -S `wbinfo -n knixon` gets me: Could not convert sid S-1-5-21-1606980848-1644491937-839522115-152478 to uid So it looks like we are getting what we need from AD and that I just have some kind of issue with the smb.conf configuration. On Sun, Nov 1, 2009 at 7:10 AM, Robert LeBlanc <[email protected]> wrote: > You seem to be missing an idmap backend entry. If you are going to 3.4, you > may want to look at hash, there is also RID. If you already have an extended > schema, you may want to look at ads. > > Robert LeBlanc > Life Sciences & Undergraduate Education Computer Support > Brigham Young University > > > On Fri, Oct 30, 2009 at 4:37 PM, Wayne Rasmussen <[email protected] > > wrote: > >> idmapping changes from 3.0.10 to 3.4.2. >> >> Trying to transition from 3.0.10 to 3.4.2 with a minimal change to the >> system >> meaning it would be nice to only change the smb.conf file if possible. >> >> The new version doesn't seem to properly work. getent passwd only >> produces >> entries from /etc/passwd. Sometimes, getent passwd user will get results >> but usually they don't. >> >> Also, when winbindd (ves 3.0.10) started it would have a heavy load for >> about >> 15 minutes while it loaded information. This version (3.4.2) seems to >> have >> very little load so it seems to act differently or it is having a problem. >> >> Any suggestions on how to change the global section below quickly and >> easily >> to make this a transparent tranision? >> >> Below is the global section of our smb.conf for 3.0.10. >> Note: I changed the workgroup/realm for posting. I just want it to work >> like >> the previous system worked. >> >> [global] >> workgroup = XX >> realm = XX.YYY.ZZZ >> security = ADS >> encrypt passwords = yes >> log level = 1 >> idmap uid = 2000-900000 >> idmap gid = 2000-900000 >> winbind enum users = yes >> winbind enum groups = yes >> template homedir = /u/%U >> template shell = /bin/false >> winbind use default domain = yes >> winbind cache time = 1800 >> wins server = 143.231.3.194 143.231.40.66 >> client schannel = no >> #starting to add stuff to see how things are working >> #username map = /usr/local/samba/lib/users.map >> #guestaccount = NULL >> #load printers = yes >> log file = /usr/local/samba/var/log.%m >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
